[PM-22861] Account security state (#322)

## 🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-22861

## 📔 Objective

This adds the initial version of account security state to the sdk, on
init of the sdk state, and for enrollment to v2 crypto.

Account security state is an attestation to a specific version and
featureset that is enabled. The version is used to prevent cryptographic
downgrades of the account state.

This will prevent downgrades in the following ways:
- Arbitrary old states cannot be created by the server, because the
state is signed for a user by the user's signing key, the server can
only record entire states
- A signed in session will not accept a sync with an older state
- Some sign in mechanisms will not accept a sync with an older state
(login-with-device 2.0, PRF 2.0, both still to be specified)

A security version then is used to lock down specific features. If a
feature is to be disabled, then a migrator is needed. After migrating
the account not to use the retired feature, the version is incremented
and any subsequent syncs with that format included are rejected.

This PR stores the account security state on the client for v2 users.
However, besides validating that the state is correctly signed, it is
not yet used.

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes

---------

Co-authored-by: Daniel García <[email protected]>

Author: quexten

Cargo.lock

@@ -57,6 +57,7 @@ reqwest = { version = ">=0.12.5, <0.13", features = [
 ], default-features = false }
 schemars = { version = ">=0.8.9, <0.9", features = ["uuid1", "chrono"] }
 serde = { version = ">=1.0, <2.0", features = ["derive"] }
+serde_bytes = { version = ">=0.11.17, <0.12.0" }
 serde_json = ">=1.0.96, <2.0"
 serde_qs = ">=0.12.0, <0.16"
 serde_repr = ">=0.1.12, <0.2"

Cargo.toml

@@ -45,6 +45,7 @@ rand = ">=0.8.5, <0.9"
 reqwest = { workspace = true }
 schemars = { workspace = true }
 serde = { workspace = true }
+serde_bytes = { workspace = true }
 serde_json = { workspace = true }
 serde_qs = { workspace = true }
 serde_repr = { workspace = true }

crates/bitwarden-core/Cargo.toml

@@ -115,9 +115,12 @@ mod tests {
     use bitwarden_crypto::{BitwardenLegacyKeyBytes, Kdf, MasterKey, SpkiPublicKeyBytes};
 
     use super::*;
-    use crate::key_management::{
-        crypto::{AuthRequestMethod, InitUserCryptoMethod, InitUserCryptoRequest},
-        SymmetricKeyId,
+    use crate::{
+        client::internal::UserKeyState,
+        key_management::{
+            crypto::{AuthRequestMethod, InitUserCryptoMethod, InitUserCryptoRequest},
+            SymmetricKeyId,
+        },
     };
 
     #[test]
@@ -164,7 +167,15 @@ mod tests {
         let private_key ="2.yN7l00BOlUE0Sb0M//Q53w==|EwKG/BduQRQ33Izqc/ogoBROIoI5dmgrxSo82sgzgAMIBt3A2FZ9vPRMY+GWT85JiqytDitGR3TqwnFUBhKUpRRAq4x7rA6A1arHrFp5Tp1p21O3SfjtvB3quiOKbqWk6ZaU1Np9HwqwAecddFcB0YyBEiRX3VwF2pgpAdiPbSMuvo2qIgyob0CUoC/h4Bz1be7Qa7B0Xw9/fMKkB1LpOm925lzqosyMQM62YpMGkjMsbZz0uPopu32fxzDWSPr+kekNNyLt9InGhTpxLmq1go/pXR2uw5dfpXc5yuta7DB0EGBwnQ8Vl5HPdDooqOTD9I1jE0mRyuBpWTTI3FRnu3JUh3rIyGBJhUmHqGZvw2CKdqHCIrQeQkkEYqOeJRJVdBjhv5KGJifqT3BFRwX/YFJIChAQpebNQKXe/0kPivWokHWwXlDB7S7mBZzhaAPidZvnuIhalE2qmTypDwHy22FyqV58T8MGGMchcASDi/QXI6kcdpJzPXSeU9o+NC68QDlOIrMVxKFeE7w7PvVmAaxEo0YwmuAzzKy9QpdlK0aab/xEi8V4iXj4hGepqAvHkXIQd+r3FNeiLfllkb61p6WTjr5urcmDQMR94/wYoilpG5OlybHdbhsYHvIzYoLrC7fzl630gcO6t4nM24vdB6Ymg9BVpEgKRAxSbE62Tqacxqnz9AcmgItb48NiR/He3n3ydGjPYuKk/ihZMgEwAEZvSlNxYONSbYrIGDtOY+8Nbt6KiH3l06wjZW8tcmFeVlWv+tWotnTY9IqlAfvNVTjtsobqtQnvsiDjdEVtNy/s2ci5TH+NdZluca2OVEr91Wayxh70kpM6ib4UGbfdmGgCo74gtKvKSJU0rTHakQ5L9JlaSDD5FamBRyI0qfL43Ad9qOUZ8DaffDCyuaVyuqk7cz9HwmEmvWU3VQ+5t06n/5kRDXttcw8w+3qClEEdGo1KeENcnXCB32dQe3tDTFpuAIMLqwXs6FhpawfZ5kPYvLPczGWaqftIs/RXJ/EltGc0ugw2dmTLpoQhCqrcKEBDoYVk0LDZKsnzitOGdi9mOWse7Se8798ib1UsHFUjGzISEt6upestxOeupSTOh0v4+AjXbDzRUyogHww3V+Bqg71bkcMxtB+WM+pn1XNbVTyl9NR040nhP7KEf6e9ruXAtmrBC2ah5cFEpLIot77VFZ9ilLuitSz+7T8n1yAh1IEG6xxXxninAZIzi2qGbH69O5RSpOJuJTv17zTLJQIIc781JwQ2TTwTGnx5wZLbffhCasowJKd2EVcyMJyhz6ru0PvXWJ4hUdkARJs3Xu8dus9a86N8Xk6aAPzBDqzYb1vyFIfBxP0oO8xFHgd30Cgmz8UrSE3qeWRrF8ftrI6xQnFjHBGWD/JWSvd6YMcQED0aVuQkuNW9ST/DzQThPzRfPUoiL10yAmV7Ytu4fR3x2sF0Yfi87YhHFuCMpV/DsqxmUizyiJuD938eRcH8hzR/VO53Qo3UIsqOLcyXtTv6THjSlTopQ+JOLOnHm1w8dzYbLN44OG44rRsbihMUQp+wUZ6bsI8rrOnm9WErzkbQFbrfAINdoCiNa6cimYIjvvnMTaFWNymqY1vZxGztQiMiHiHYwTfwHTXrb9j0uPM=|09J28iXv9oWzYtzK2LBT6Yht4IT4MijEkk0fwFdrVQ4=".parse().unwrap();
         client
             .internal
-            .initialize_user_crypto_master_key(master_key, user_key, private_key, None)
+            .initialize_user_crypto_master_key(
+                master_key,
+                user_key,
+                UserKeyState {
+                    private_key,
+                    signing_key: None,
+                    security_state: None,
+                },
+            )
             .unwrap();
 
         let public_key = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyLRDUwXB4BfQ507D4meFPmwn5zwy3IqTPJO4plrrhnclWahXa240BzyFW9gHgYu+Jrgms5xBfRTBMcEsqqNm7+JpB6C1B6yvnik0DpJgWQw1rwvy4SUYidpR/AWbQi47n/hvnmzI/sQxGddVfvWu1iTKOlf5blbKYAXnUE5DZBGnrWfacNXwRRdtP06tFB0LwDgw+91CeLSJ9py6dm1qX5JIxoO8StJOQl65goLCdrTWlox+0Jh4xFUfCkb+s3px+OhSCzJbvG/hlrSRcUz5GnwlCEyF3v5lfUtV96MJD+78d8pmH6CfFAp2wxKRAbGdk+JccJYO6y6oIXd3Fm7twIDAQAB";
@@ -232,7 +243,15 @@ mod tests {
 
         existing_device
             .internal
-            .initialize_user_crypto_master_key(master_key, user_key, private_key.clone(), None)
+            .initialize_user_crypto_master_key(
+                master_key,
+                user_key,
+                UserKeyState {
+                    private_key: private_key.clone(),
+                    signing_key: None,
+                    security_state: None,
+                },
+            )
             .unwrap();
 
         // Initialize a new device which will request to be logged in
@@ -251,6 +270,7 @@ mod tests {
                 email: email.to_owned(),
                 private_key,
                 signing_key: None,
+                security_state: None,
                 method: InitUserCryptoMethod::AuthRequest {
                     request_private_key: auth_req.private_key,
                     method: AuthRequestMethod::UserKey {

crates/bitwarden-core/src/auth/auth_request.rs

@@ -8,7 +8,7 @@ use crate::{
         login::{response::two_factor::TwoFactorProviders, LoginError, PasswordLoginResponse},
         JwtToken,
     },
-    client::{LoginMethod, UserLoginMethod},
+    client::{internal::UserKeyState, LoginMethod, UserLoginMethod},
     require, Client,
 };
 
@@ -54,8 +54,11 @@ pub(crate) async fn login_api_key(
         client.internal.initialize_user_crypto_master_key(
             master_key,
             user_key,
-            private_key,
-            None,
+            UserKeyState {
+                private_key,
+                signing_key: None,
+                security_state: None,
+            },
         )?;
     }
 

crates/bitwarden-core/src/auth/login/api_key.rs

@@ -121,6 +121,7 @@ pub(crate) async fn complete_auth_request(
                 email: auth_req.email,
                 private_key: require!(r.private_key).parse()?,
                 signing_key: None,
+                security_state: None,
                 method: InitUserCryptoMethod::AuthRequest {
                     request_private_key: auth_req.private_key,
                     method,

crates/bitwarden-core/src/auth/login/auth_request.rs

@@ -23,7 +23,10 @@ pub(crate) async fn login_password(
 ) -> Result<PasswordLoginResponse, LoginError> {
     use bitwarden_crypto::{EncString, HashPurpose, MasterKey};
 
-    use crate::{client::UserLoginMethod, require};
+    use crate::{
+        client::{internal::UserKeyState, UserLoginMethod},
+        require,
+    };
 
     info!("password logging in");
 
@@ -53,8 +56,11 @@ pub(crate) async fn login_password(
         client.internal.initialize_user_crypto_master_key(
             master_key,
             user_key,
-            private_key,
-            None,
+            UserKeyState {
+                private_key,
+                signing_key: None,
+                security_state: None,
+            },
         )?;
     }
 

crates/bitwarden-core/src/auth/login/password.rs

@@ -80,9 +80,12 @@ pub(crate) fn validate_password_user_key(
 
 #[cfg(test)]
 mod tests {
-    use bitwarden_crypto::Kdf;
+    use bitwarden_crypto::{EncString, Kdf};
 
-    use crate::auth::password::{validate::validate_password_user_key, validate_password};
+    use crate::{
+        auth::password::{validate::validate_password_user_key, validate_password},
+        client::internal::UserKeyState,
+    };
 
     #[test]
     fn test_validate_password() {
@@ -135,16 +138,19 @@ mod tests {
 
         let master_key = MasterKey::derive(password, email, &kdf).unwrap();
 
-        let user_key = "2.Q/2PhzcC7GdeiMHhWguYAQ==|GpqzVdr0go0ug5cZh1n+uixeBC3oC90CIe0hd/HWA/pTRDZ8ane4fmsEIcuc8eMKUt55Y2q/fbNzsYu41YTZzzsJUSeqVjT8/iTQtgnNdpo=|dwI+uyvZ1h/iZ03VQ+/wrGEFYVewBUUl/syYgjsNMbE=";
+        let user_key: EncString = "2.Q/2PhzcC7GdeiMHhWguYAQ==|GpqzVdr0go0ug5cZh1n+uixeBC3oC90CIe0hd/HWA/pTRDZ8ane4fmsEIcuc8eMKUt55Y2q/fbNzsYu41YTZzzsJUSeqVjT8/iTQtgnNdpo=|dwI+uyvZ1h/iZ03VQ+/wrGEFYVewBUUl/syYgjsNMbE=".parse().unwrap();
         let private_key = "2.yN7l00BOlUE0Sb0M//Q53w==|EwKG/BduQRQ33Izqc/ogoBROIoI5dmgrxSo82sgzgAMIBt3A2FZ9vPRMY+GWT85JiqytDitGR3TqwnFUBhKUpRRAq4x7rA6A1arHrFp5Tp1p21O3SfjtvB3quiOKbqWk6ZaU1Np9HwqwAecddFcB0YyBEiRX3VwF2pgpAdiPbSMuvo2qIgyob0CUoC/h4Bz1be7Qa7B0Xw9/fMKkB1LpOm925lzqosyMQM62YpMGkjMsbZz0uPopu32fxzDWSPr+kekNNyLt9InGhTpxLmq1go/pXR2uw5dfpXc5yuta7DB0EGBwnQ8Vl5HPdDooqOTD9I1jE0mRyuBpWTTI3FRnu3JUh3rIyGBJhUmHqGZvw2CKdqHCIrQeQkkEYqOeJRJVdBjhv5KGJifqT3BFRwX/YFJIChAQpebNQKXe/0kPivWokHWwXlDB7S7mBZzhaAPidZvnuIhalE2qmTypDwHy22FyqV58T8MGGMchcASDi/QXI6kcdpJzPXSeU9o+NC68QDlOIrMVxKFeE7w7PvVmAaxEo0YwmuAzzKy9QpdlK0aab/xEi8V4iXj4hGepqAvHkXIQd+r3FNeiLfllkb61p6WTjr5urcmDQMR94/wYoilpG5OlybHdbhsYHvIzYoLrC7fzl630gcO6t4nM24vdB6Ymg9BVpEgKRAxSbE62Tqacxqnz9AcmgItb48NiR/He3n3ydGjPYuKk/ihZMgEwAEZvSlNxYONSbYrIGDtOY+8Nbt6KiH3l06wjZW8tcmFeVlWv+tWotnTY9IqlAfvNVTjtsobqtQnvsiDjdEVtNy/s2ci5TH+NdZluca2OVEr91Wayxh70kpM6ib4UGbfdmGgCo74gtKvKSJU0rTHakQ5L9JlaSDD5FamBRyI0qfL43Ad9qOUZ8DaffDCyuaVyuqk7cz9HwmEmvWU3VQ+5t06n/5kRDXttcw8w+3qClEEdGo1KeENcnXCB32dQe3tDTFpuAIMLqwXs6FhpawfZ5kPYvLPczGWaqftIs/RXJ/EltGc0ugw2dmTLpoQhCqrcKEBDoYVk0LDZKsnzitOGdi9mOWse7Se8798ib1UsHFUjGzISEt6upestxOeupSTOh0v4+AjXbDzRUyogHww3V+Bqg71bkcMxtB+WM+pn1XNbVTyl9NR040nhP7KEf6e9ruXAtmrBC2ah5cFEpLIot77VFZ9ilLuitSz+7T8n1yAh1IEG6xxXxninAZIzi2qGbH69O5RSpOJuJTv17zTLJQIIc781JwQ2TTwTGnx5wZLbffhCasowJKd2EVcyMJyhz6ru0PvXWJ4hUdkARJs3Xu8dus9a86N8Xk6aAPzBDqzYb1vyFIfBxP0oO8xFHgd30Cgmz8UrSE3qeWRrF8ftrI6xQnFjHBGWD/JWSvd6YMcQED0aVuQkuNW9ST/DzQThPzRfPUoiL10yAmV7Ytu4fR3x2sF0Yfi87YhHFuCMpV/DsqxmUizyiJuD938eRcH8hzR/VO53Qo3UIsqOLcyXtTv6THjSlTopQ+JOLOnHm1w8dzYbLN44OG44rRsbihMUQp+wUZ6bsI8rrOnm9WErzkbQFbrfAINdoCiNa6cimYIjvvnMTaFWNymqY1vZxGztQiMiHiHYwTfwHTXrb9j0uPM=|09J28iXv9oWzYtzK2LBT6Yht4IT4MijEkk0fwFdrVQ4=".parse().unwrap();
 
         client
             .internal
             .initialize_user_crypto_master_key(
                 master_key,
-                user_key.parse().unwrap(),
-                private_key,
-                None,
+                user_key.clone(),
+                UserKeyState {
+                    private_key,
+                    signing_key: None,
+                    security_state: None,
+                },
             )
             .unwrap();
 
@@ -191,8 +197,11 @@ mod tests {
             .initialize_user_crypto_master_key(
                 master_key,
                 user_key.parse().unwrap(),
-                private_key,
-                None,
+                UserKeyState {
+                    private_key,
+                    signing_key: None,
+                    security_state: None,
+                },
             )
             .unwrap();
 

crates/bitwarden-core/src/auth/password/validate.rs

@@ -49,7 +49,7 @@ mod tests {
     use bitwarden_crypto::{Kdf, MasterKey};
 
     use super::*;
-    use crate::client::{Client, LoginMethod, UserLoginMethod};
+    use crate::client::{internal::UserKeyState, Client, LoginMethod, UserLoginMethod};
 
     fn init_client() -> Client {
         let client = Client::new(None);
@@ -78,8 +78,11 @@ mod tests {
             .initialize_user_crypto_master_key(
                 master_key,
                 user_key.parse().unwrap(),
-                private_key,
-                None,
+                UserKeyState {
+                    private_key,
+                    signing_key: None,
+                    security_state: None,
+                },
             )
             .unwrap();
 

crates/bitwarden-core/src/auth/pin.rs

@@ -4,7 +4,10 @@ use bitwarden_crypto::{
     TrustDeviceResponse, UnsignedSharedKey, UserKey,
 };
 
-use crate::{client::encryption_settings::EncryptionSettingsError, Client};
+use crate::{
+    client::{encryption_settings::EncryptionSettingsError, internal::UserKeyState},
+    Client,
+};
 
 /// This function generates a new user key and key pair, initializes the client's crypto with the
 /// generated user key, and encrypts the user key with the organization public key for admin
@@ -41,10 +44,13 @@ pub(super) fn make_register_tde_keys(
         ));
     client.internal.initialize_user_crypto_decrypted_key(
         user_key.0,
-        key_pair.private.clone(),
-        // Note: Signing keys are not supported on registration yet. This needs to be changed as
-        // soon as registration is supported.
-        None,
+        UserKeyState {
+            private_key: key_pair.private.clone(),
+            // TODO (https://bitwarden.atlassian.net/browse/PM-21771) Signing keys are not supported on registration yet. This needs to be changed as
+            // soon as registration is supported.
+            signing_key: None,
+            security_state: None,
+        },
     )?;
 
     Ok(RegisterTdeKeyResponse {